Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Openssl Heart bleed mitigation for IOS XE

Can someone suggest, how to mitigate the openssl heart bleed with IOS XE, Please share the process

am currently using below model

 

Cisco Catalyst 4500X-16 SFP+ Switch

IOS version: cat4500e-universalk9.SPA.03.04.02.SG.151-2.SG2.bin

Everyone's tags (1)
1 REPLY
New Member

I believe you'd only have the

I believe you'd only have the HeartBleed vulnerability if ip http secure-server was enabled on your device. If that is not enabled, I believe you're ok. 

 

I haven't been able to find out too much information from Cisco except what's in this link:

 

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed

 

I too am trying to find out what needs to be done to patch my enterprise's IOS-XE (and any additional products Cisco identifies as being vulnerable) devices to a secure version.

 

While waiting to hear from Cisco, my team is going through all of our devices to ensure https is disabled.  

 

10
Views
0
Helpful
1
Replies
CreatePlease login to create content